Threat Database Ransomware Yajoza Ransomware

Yajoza Ransomware

The Yajoza Ransomware is threatening ransomware that can wreak havoc on any computer it manages to infect. Despite the fact that the Yajoza Ransomware is classified as a variant belonging to the VoidCrypt malware family, the Yajoza Ransomware shouldn't be underestimated in the slightest. Victims will have nearly all of their files locked with an uncrackable cryptographic algorithm. All affected marks will have their original names modified drastically. The Yajoza Ransomware uses the following naming pattern - [Original Name].[Hacker's Email Address].[Unique ID].[Unique File Extension]. The email address provided by Yajoza is 'golpayagob[@]' while the file extension is '.yajoza.' When the encryption process is completed, the threat will drop its ransom note in the form of text files named 'Decrypt-me.txt.'

The ransom note instructs users that if they want to receive the decryption key and software from the hackers, they will have to pay a ransom using the Bitcoin cryptocurrency. The exact sum is not mentioned. Another requirement is to send the 'prvkey*.txt.key' file that was created by Yajoza Ransomware. The asterisks symbol may be replaced by a number.

Alongside the prvkey file, users are allowed to send a single locked file that is less than 1MB in size that will supposedly be decrypted for free. The primary email address that should be used for initiating communication is 'golpayagob[@]' However, if there is no answer, victims of the Yajoza Ransomware are directed towards messaging a reserve email at 'yajoza11[@]'

The full text of the ransom note is:

'All Your Files Has Been Encrypted
You Have to Pay to Get Your Files Back

1-Go to C:\ProgramData\ or in Your other Drives and send us prvkey*.txt.key file , * might be a number (like this : prvkey3.txt.key)
2-You can send some file little than 1mb for Decryption test to trust us But the test File should not contain valuable data
3-Payment should be with Bitcoin
4-Changing Windows without saving prvkey.txt.key file will cause permanete Data loss

in Case of no


Most Viewed